VMM Database insert statement:
insert into dbentity (entity_id, entity_type, unique_id, unique_name, unique_name_key) values (-3000, 'OrgContainer', 'a9e5a980-3cec-11da-a833-828d43500d21', 'o=testOrg2', 'o=testOrg2');
wimconfig.xml file changes:
<config:repositories xsi:type="config:DatabaseRepositoryType" adapterClassName="com.ibm.ws.wim.adapter.db.DBAdapter"
id="DB2MemberRepos" isExtIdUnique="true" supportExternalName="false" supportPaging="false"
.......
.......
entityRetrievalLimit="50" JDBCDriverClass="com.ibm.db2.jcc.DB2Driver" saltLength="12">
<config:baseEntries name="o=testOrg1" nameInRepository="o=testOrg1"/>
<config:baseEntries name="o=testOrg2" nameInRepository="o=testOrg2"/>
</config:repositories>
<config:realms delimiter="/" name="defaultWIMFileBasedRealm" securityUse="active"
allowOperationIfReposDown="false">
<config:participatingBaseEntries name="o=defaultWIMFileBasedRealm"/>
<config:participatingBaseEntries name="o=testOrg"/>
<config:participatingBaseEntries name="o=testOrg1"/>
<config:participatingBaseEntries name="o=testOrg2"/>
<config:defaultParents entityTypeName="OrgContainer" parentUniqueName="o=testOrg"/>
<config:defaultParents entityTypeName="PersonAccount" parentUniqueName="o=testOrg"/>
<config:defaultParents entityTypeName="Group" parentUniqueName="o=testOrg"/>
<config:uniqueUserIdMapping propertyForInput="uniqueName" propertyForOutput="uniqueName"/>
<config:userSecurityNameMapping propertyForInput="principalName" propertyForOutput="principalName"/>
<config:userDisplayNameMapping propertyForInput="principalName" propertyForOutput="principalName"/>
<config:uniqueGroupIdMapping propertyForInput="uniqueName" propertyForOutput="uniqueName"/>
<config:groupSecurityNameMapping propertyForInput="cn" propertyForOutput="cn"/>
<config:groupDisplayNameMapping propertyForInput="cn" propertyForOutput="cn"/>
</config:realms>
<config:realms delimiter="/" name="dbdir.testOrg" securityUse="active" allowOperationIfReposDown="true">
<config:participatingBaseEntries name="o=defaultWIMFileBasedRealm"/>
<config:participatingBaseEntries name="o=testOrg"/>
<config:participatingBaseEntries name="o=testOrg1"/>
<config:participatingBaseEntries name="o=testOrg2"/>
<config:defaultParents entityTypeName="OrgContainer" parentUniqueName="o=testOrg2"/>
<config:defaultParents entityTypeName="PersonAccount" parentUniqueName="o=testOrg2"/>
<config:defaultParents entityTypeName="Group" parentUniqueName="o=testOrg2"/>
<config:uniqueUserIdMapping propertyForInput="uniqueName" propertyForOutput="uniqueName"/>
<config:userSecurityNameMapping propertyForInput="principalName" propertyForOutput="externalName"/>
<config:userDisplayNameMapping propertyForInput="principalName" propertyForOutput="principalName"/>
<config:uniqueGroupIdMapping propertyForInput="uniqueName" propertyForOutput="uniqueName"/>
<config:groupSecurityNameMapping propertyForInput="cn" propertyForOutput="externalName"/>
<config:groupDisplayNameMapping propertyForInput="cn" propertyForOutput="cn"/>
</config:realms>
Saturday, October 30, 2010
Friday, October 29, 2010
SECJ0369E: Authentication failed when using LTPA. The exception is
Check if following is correct based on the repository setting:
<config:supportedEntityTypes defaultParent="o=testOrg" name="PersonAccount">
<config:rdnProperties>uid</config:rdnProperties>
Check if defaultParent and config:rdnProperties have correct values.
Try cleaning up temporary folders :
wp_profile\temp
wp_profile\wstemp
wp_profile\tranlog
This might resolve the issue if all the configuration seems correct.
<config:supportedEntityTypes defaultParent="o=testOrg" name="PersonAccount">
<config:rdnProperties>uid</config:rdnProperties>
Check if defaultParent and config:rdnProperties have correct values.
Try cleaning up temporary folders :
wp_profile\temp
wp_profile\wstemp
wp_profile\tranlog
This might resolve the issue if all the configuration seems correct.
Thursday, April 1, 2010
New Features of WebSphere Application Server V 7.0
New features and enhancements in WebSphere Application Server V 7.0
Common
• Built on top of Java Platform Enterprise Edition (Java EE) 5.0 and Java Standard Edition (Java SE) 6.0
• Provides EJB 3.0
• Provides Java Persistence API (JPA) 1.0
• Ease in administration and movement of the applications from one environment to another.
• Better performance than previous versions
• EJB 3.0 API is simpler to code and provides better performance of previous versions.
• Resource efficient features, faster run-time, and new high-performance Web Service Engine
• LTPA Token V2.0 support for SSO
Administration
• Easy administration with Job Manager – remotely manage different environments with Job Manager including standalone servers and clustered environments from one central location across dispersed geographical locations.
• Administer multiple stand-alone nodes using Administrative agent – Single interface to administer multiple application servers, thereby reducing the overhead of running administrative services in every application server.
• Provides support for portable properties files which can be deployed across multiple environments with portable resource identifiers. Improves administration and movement of applications across different environments like dev, test, uat, prod, etc.
• Configure client reroute for applications using DB2 database – Specify alternate DB2 database server in case primary server fails to reroute the client requests to provide high availability.
• Authentication alias can be defined for each server. Server level authentication aliases will not be visible / accessible to other servers in the environment.
• Multiple mail providers and sessions supported. Different versions of the mail provider can co-exist with in the same JVM to provide better control and segregation for different applications.
• Business-level application is a new way of grouping applications together. This is in addition to servers, clusters, cells, EARs, WARs, etc. This way multiple EARs/WARs/JARs can be grouped together into one logical unit and me managed that way like start/stop them all with one command.
• Support of trusted context for DB2 databases to provide fine grained access control.
Security
• Support for Security Domains – Multiple security domains can be configured. Different applications/servers/clusters can be assigned to different security domains to achieve fine grained control over authentication/authorization. Local configuration defined for an application/server/cluster will over-ride global configuration; Following can be configured at local level:
Development
• Better transaction execution isolation with the provision to specify “commit priority” of the resources contained in a transaction.
• Client reroute for applications that use DB2 databases
• Better handling of data access exception with custom error mapping in DataStoreHelper
Common
• Built on top of Java Platform Enterprise Edition (Java EE) 5.0 and Java Standard Edition (Java SE) 6.0
• Provides EJB 3.0
• Provides Java Persistence API (JPA) 1.0
• Ease in administration and movement of the applications from one environment to another.
• Better performance than previous versions
• EJB 3.0 API is simpler to code and provides better performance of previous versions.
• Resource efficient features, faster run-time, and new high-performance Web Service Engine
• LTPA Token V2.0 support for SSO
Administration
• Easy administration with Job Manager – remotely manage different environments with Job Manager including standalone servers and clustered environments from one central location across dispersed geographical locations.
• Administer multiple stand-alone nodes using Administrative agent – Single interface to administer multiple application servers, thereby reducing the overhead of running administrative services in every application server.
• Provides support for portable properties files which can be deployed across multiple environments with portable resource identifiers. Improves administration and movement of applications across different environments like dev, test, uat, prod, etc.
• Configure client reroute for applications using DB2 database – Specify alternate DB2 database server in case primary server fails to reroute the client requests to provide high availability.
• Authentication alias can be defined for each server. Server level authentication aliases will not be visible / accessible to other servers in the environment.
• Multiple mail providers and sessions supported. Different versions of the mail provider can co-exist with in the same JVM to provide better control and segregation for different applications.
• Business-level application is a new way of grouping applications together. This is in addition to servers, clusters, cells, EARs, WARs, etc. This way multiple EARs/WARs/JARs can be grouped together into one logical unit and me managed that way like start/stop them all with one command.
• Support of trusted context for DB2 databases to provide fine grained access control.
Security
• Support for Security Domains – Multiple security domains can be configured. Different applications/servers/clusters can be assigned to different security domains to achieve fine grained control over authentication/authorization. Local configuration defined for an application/server/cluster will over-ride global configuration; Following can be configured at local level:
o Application Security
o Java 2 Security
o User Realm (user registry)
o Trust Association (TAI)
o JAAS Login Module (Application, System and J2C Authentication Data)
o Authentication mechanism attributes
o Java 2 Security
o User Realm (user registry)
o Trust Association (TAI)
o JAAS Login Module (Application, System and J2C Authentication Data)
o Authentication mechanism attributes
o Simple and Protected GSS-API Negotiation (SPNEGO) Web Authentication
o Authorization provider
o Other attributes
o Custom properties
• SPNEGO Web Authentication is now supported with enhanced features including dynamic reload of SPNEGO module with the need of server restart.o Authorization provider
o Other attributes
o Custom properties
Development
• Better transaction execution isolation with the provision to specify “commit priority” of the resources contained in a transaction.
• Client reroute for applications that use DB2 databases
• Better handling of data access exception with custom error mapping in DataStoreHelper
Saturday, March 13, 2010
Web 2.0 Theme – Navigation Issue – Links does not work after navigating back and forth on a page
WebSphere Portal Web 2.0 theme caches the links navigated. To overcome this problem comment out the following code in head_extras.jspf file:
function bootstrap() {
var currentState = null;
var prevUrl = com.ibm.portal.aggregation.backbutton.BACK_BUTTON_HANDLER.loadUrlFrag();
var currentUrl = top.location.href;
//if(prevUrl == currentUrl) {
// alert('prevUrl == currentUrl');
// currentState = com.ibm.portal.aggregation.backbutton.BACK_BUTTON_HANDLER.loadState();
// if ( currentState ) {
// ibm.portal.debug.text( "Loaded state from back button handler: " + dojox.data.dom.innerXML( currentState ) );
// }
// }
//Set flag to indicate CSA mode is active.
document.isCSA = true;
This should resolve the issue of non-navigating links.
WAS Tags: WebSphere Portal, WebSphere Application Server, WAS, Theme, Skin, Navigation, Java, Web 2.0, Links, CSA, Client Side Aggregation
Friday, February 19, 2010
How to resolve SQL22201N Reason Code "1" Error ?
Sometimes when you are working in Admin mode on DB2 using Configuration Assistant you may accidentally delete the repository information relating to authentication/authorization. This may also happen due to some other reason. If you are able to open Control Center and able to view the database tables using any other user then you are safe.
Right click on the database name and select authorize. Now add the user that you want to give access rights. Similarly add group if you need to provide access to a group. Grant all the required access rights then apply. Restart DB2 server to let the changes take effect this will resolve the problem encountered by you.
Right click on the database name and select authorize. Now add the user that you want to give access rights. Similarly add group if you need to provide access to a group. Grant all the required access rights then apply. Restart DB2 server to let the changes take effect this will resolve the problem encountered by you.
Friday, February 5, 2010
Scoped Classloading in WebSphere
Often there are situations when libraries included in the web archive (*.war) file are to be loaded first since their version differs from the version being loaded at enterprise archive (*.ear) level. Lets take an example where X.ear has a war module Z.war. There is a common.jar file which is included at X.ear level. If Z.war wants to provide its own version of the common.jar file then the best way to load this jar file is to use application class loader only to load war module files also. By default application (.ear) has application scope class loader and web module (.war) has its own class loader. The default setting to load classes is “Parent First”. Change this setting to “Parent Last” and also change the setting to single calss loader as per the figure shown below:
There is only one class loader for application and all web module files are also loaded using the same application class loader. This makes web module level classes also visible to the application class loader. As per the hierarchy, parent class loader cannot see classes loaded by the child class loader. In this case all files are loaded by one class loader therefore all classes are visible to each other across the application. Moreover, we have asked it to load child classes first, therefore, it will loaded web module (.war) classes first and then will load the classes defined at application level. This way web module can load its own classes first and hide the classes provided by application.
There is only one class loader for application and all web module files are also loaded using the same application class loader. This makes web module level classes also visible to the application class loader. As per the hierarchy, parent class loader cannot see classes loaded by the child class loader. In this case all files are loaded by one class loader therefore all classes are visible to each other across the application. Moreover, we have asked it to load child classes first, therefore, it will loaded web module (.war) classes first and then will load the classes defined at application level. This way web module can load its own classes first and hide the classes provided by application.
Saturday, January 16, 2010
Transferring Portal Databases from default Derby Database to DB2 Databases
Portal is installed by default with Derby database to store portal information. Portal uses following 6 databases to store different kind of information:
1. Release
2. Community
3. Customization
4. JCR
5. Feedback
6. Likeminds
Portal provides following 3 options while creating and transferring the databases:
1. Create one database and transfer all the databases to this single database
2. Create separate databases on the same server and transfer the portal data to them
3. Create separate databases on different server (distributed environment) and transfer the portal data to them.
This post will demonstrate how to transfer the portal databases to separate databases on the same server, but you can use the same steps to transfer the database to one database or databases created on separate servers.
After configuring your database server(s) by installing DB2 (or Oracle/MS SQL Server) and creating databases using the DB2 creation script you need to run the following to transfer the databases:
<wp_profile_root>\PortalServer\wizard\configwizard.bat
Running the above batch command will open the following screen:
Click on “Next” to go to next screen.
Select “Transfer data to other databases” and click next to go to next step.
Provide WebSphere Application Server username and password to start WebSphere_Portal server. Click “Next” to go to next screen.
Wizard will check if server is started or not. If server is not started then it will start the server before moving to next screen.
Select “IBM Derby” from the options to select the source database. Click “Next” to go to next screen.
Select “IBM DB2 Universal Database” to select the target database. Click “Next” to go to next screen
Specify database server name or provide IP address in “DbHostName” and “DbPort”. Also specify complete path for “DbLibrary” files. You need to specify the location for the jar files “db2jcc.jar” and “db2jcc_license_cu.jar”. Click “Next” to go to next screen.
Specify “DbName”, “DbUser” (having admin access) and “DbPassword” for “community” database. You can specify other custom information as well according to your need. Click “Next” to go to next screen.
Wizard will validate the information provided by you before moving to next screen. You just have to wait for it to finish verification to go to next screen.
Specify “DbName”, “DbUser” (having admin access) and “DbPassword” for “customization” database. You can specify other custom information as well according to your need. Click “Next” to go to next screen.
Specify “DbName”, “DbUser” (having admin access) and “DbPassword” for “FEEDBACK” database. You can specify other custom information as well according to your need. Click “Next” to go to next screen.
Specify “DbName”, “DbUser” (having admin access) and “DbPassword” for “jcr” database. You can specify other custom information as well according to your need. Click “Next” to go to next screen.
Specify “DbName”, “DbUser” (having admin access) and “DbPassword” for “likeminds” database. You can specify other custom information as well according to your need. Click “Next” to go to next screen.
Specify “DbName”, “DbUser” (having admin access) and “DbPassword” for “release” database. You can specify other custom information as well according to your need. Click “Next” to go to next screen.
Check all the information in that you specified in this screen. If everything is correct then click “Next” to start the transfer of the databases. You will get successful message if everything goes well without any error.
You can now start and stop the servers to propagate the changes. If servers start without any errors and you are able to login successfully using GUI then you have successfully transferred the databases.
Subscribe to:
Posts (Atom)